]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eb0d255) | patch
bpo-39603: Prevent header injection in http methods (GH-18485) (GH-21538)
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Sun, 19 Jul 2020 09:27:35 +0000 (02:27 -0700)
committerGitHub <noreply@github.com>
Sun, 19 Jul 2020 09:27:35 +0000 (05:27 -0400)
commitca75fec1ed358f7324272608ca952b2d8226d11a
tree4447f5359a2fbda80fa1591fdc2067e062626955tree | snapshot
parenteb0d255ffe002412bb937e1bde61225e5431da5ecommit | diff
bpo-39603: Prevent header injection in http methods (GH-18485) (GH-21538)

reject control chars in http method in http.client.putrequest to prevent http header injection
(cherry picked from commit 8ca8a2e8fb068863c1138f07e3098478ef8be12e)

Co-authored-by: AMIR <31338382+amiremohamadi@users.noreply.github.com>
Lib/http/client.py diff | blob | blame | history
Lib/test/test_httplib.py diff | blob | blame | history
Misc/NEWS.d/next/Security/2020-02-12-14-17-39.bpo-39603.Gt3RSg.rst [new file with mode: 0644] blob
Mirror of https://github.com/python/cpython.git